SlideSpeak

Security checks across malware telemetry and agentic risk

Overview

This SlideSpeak skill appears to do what it claims: send user-selected documents and generation requests to SlideSpeak to create presentations, with some external-service privacy cautions.

Install only if you are comfortable sending selected files, prompts, and presentation content to SlideSpeak. Do not upload confidential, regulated, or secret-bearing documents unless your organization approves that service, keep SLIDESPEAK_API_KEY in a secure environment variable or secret manager, and only register webhook callback URLs you control and trust.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Severity: Medium
Confidence: 92%

Finding
The script exposes generic webhook subscribe/unsubscribe operations that let a caller register an arbitrary callback URL with the third-party service. In an agent-skill context, this expands capability beyond simple presentation generation and can be abused to route asynchronous data, task metadata, or future notifications to attacker-controlled infrastructure, creating a data exfiltration and unauthorized integration risk.

Missing User Warnings

Severity: Medium
Confidence: 94%

Finding
The skill instructs users to upload documents and generate presentations through the SlideSpeak API, but it does not clearly disclose that the document contents and prompts are sent to a third-party service. This can cause unintentional exfiltration of sensitive, proprietary, or regulated data because users may assume processing is local or agent-internal.

Missing User Warnings

Severity: Low
Confidence: 89%

Finding
The skill requires a third-party API key but does not warn about safe handling of that credential or clarify that it grants access to an external service account. This increases the chance of accidental disclosure, misuse in logs/scripts, or confusion about trust boundaries when operating the skill.

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding
The upload command reads an arbitrary local file and sends its raw contents to the SlideSpeak API with no built-in warning, confirmation, or path restrictions. In an agent environment, this is dangerous because a prompt or workflow could cause sensitive local documents to be transmitted off-host to a third party without the user's informed consent.

VirusTotal

64/64 vendors flagged this skill as clean.